Addition of ITDR features to XDR playbooks in XSIAM #30105

Merged
merged 18 commits into from Oct 24, 2023

idovandijk
Contributor

@idovandijk idovandijk commented Oct 10, 2023

Status

Ready

Related Issues

Fixes: https://jira-hq.paloaltonetworks.local/browse/CIAC-7245

Description

Added ITDR (Identity Threat Detection & Response) capabilities to XDR playbooks in XSIAM

@ShirleyDenkberg
Contributor

@AdiPeret Doc review completed.

@content-bot
Collaborator

This PR was automatically updated by a GitHub Action

  • Core pack version was bumped to 2.1.0.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@idovandijk idovandijk merged commit d435bdd into master Oct 24, 2023
14 of 15 checks passed
@idovandijk idovandijk deleted the itdr-xsiam branch October 24, 2023 12:18
sapirshuker pushed a commit that referenced this pull request Dec 21, 2023
* Added alert fields, RDP brute-force playbooks, XDR layout

* formatted fields, layout and playbooks

* Regenerated RDP Brute Force playbook README

* Updated playbook images

* Release notes and versions

* Changed reason fields to be unsearchable due to performance implications

* Validation fixes

* Update Packs/Core/Playbooks/playbook-Possible_External_RDP_Brute-Force.yml

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/Core/Playbooks/playbook-Possible_External_RDP_Brute-Force.yml

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Bump pack from version Core to 2.1.0.

* Bump pack from version Core to 2.1.0.

* Bump pack from version Core to 2.1.0.

---------

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: Content Bot <bot@demisto.com>